django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into request.FILES. Depending on how files are handled, this may lead to confidentiality and integrity issues. This vulnerability is fixed in 7.0.2.
PUBLISHED | 5.2 | CWE-22 | CWE-26
django-s3file: Relative path traversal
Problem type
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- CWE-26: Path Traversal: '/dir/../filename'
Affected products
Vendor: codingjoe
Product: django-s3file
Versions: < 7.0.2 - AFFECTED
References
GitHub Security Advisories
GHSA-67qg-7284-2277
django-s3file is vulnerable to relative path traversal
https://github.com/advisories/GHSA-67qg-7284-2277
Impact
S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into request.FILES.
Depending on how files are handled, this may lead to confidentiality and integrity issues.
Patches
Django-S3File urges all users to update to a patched version >=7.0.2.
JSON source
https://cveawg.mitre.org/api/cve/CVE-2026-42196
{
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"cveMetadata": {
"cveId": "CVE-2026-42196",
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"dateUpdated": "2026-05-12T20:58:02.872Z",
"dateReserved": "2026-04-25T01:53:21.584Z",
"datePublished": "2026-05-12T20:58:02.872Z",
"state": "PUBLISHED"
},
"containers": {
"cna": {
"providerMetadata": {
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M",
"dateUpdated": "2026-05-12T20:58:02.872Z"
},
"title": "django-s3file: Relative path traversal",
"descriptions": [
{
"lang": "en",
"value": "django-s3file is a lightweight file upload input for Django and Amazon S3. Prior to 7.0.2, S3FileMiddleware is vulnerable to relative path traversal attacks, where an attacker can use a modified request to escape pre-signed upload locations and have the Django application load files from random locations into request.FILES. Depending on how files are handled, this may lead to confidentiality and integrity issues. This vulnerability is fixed in 7.0.2."
}
],
"affected": [
{
"vendor": "codingjoe",
"product": "django-s3file",
"versions": [
{
"version": "< 7.0.2",
"status": "affected"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"lang": "en",
"description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')",
"cweId": "CWE-22",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"lang": "en",
"description": "CWE-26: Path Traversal: '/dir/../filename'",
"cweId": "CWE-26",
"type": "CWE"
}
]
}
],
"references": [
{
"url": "https://github.com/codingjoe/django-s3file/security/advisories/GHSA-67qg-7284-2277",
"name": "https://github.com/codingjoe/django-s3file/security/advisories/GHSA-67qg-7284-2277",
"tags": [
"x_refsource_CONFIRM"
]
}
],
"metrics": [
{}
]
}
}
}